package t3;

import android.util.Log;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class k {

    /* renamed from: d, reason: collision with root package name */
    public static final HostnameVerifier f6085d = HttpsURLConnection.getDefaultHostnameVerifier();

    /* renamed from: a, reason: collision with root package name */
    public SSLSocketFactory f6086a;

    /* renamed from: b, reason: collision with root package name */
    public X509TrustManager f6087b;

    /* renamed from: c, reason: collision with root package name */
    public SSLSocket f6088c = null;

    public k() {
        StringBuilder sb;
        StringBuilder sb2;
        X509TrustManager x509TrustManager;
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i4 = 0;
            while (true) {
                if (i4 >= length) {
                    x509TrustManager = null;
                    break;
                }
                TrustManager trustManager = trustManagers[i4];
                if (trustManager instanceof X509TrustManager) {
                    x509TrustManager = (X509TrustManager) trustManager;
                    break;
                }
                i4++;
            }
            this.f6087b = x509TrustManager;
        } catch (KeyStoreException e4) {
            e = e4;
            sb = new StringBuilder("");
            sb.append(e.getMessage());
            Log.e("SSLAuthCert", sb.toString());
            e.printStackTrace();
            TrustManager[] trustManagerArr = {new z2.k(2, this)};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, null);
            this.f6086a = sSLContext.getSocketFactory();
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            sb = new StringBuilder("");
            sb.append(e.getMessage());
            Log.e("SSLAuthCert", sb.toString());
            e.printStackTrace();
            TrustManager[] trustManagerArr2 = {new z2.k(2, this)};
            SSLContext sSLContext2 = SSLContext.getInstance("TLS");
            sSLContext2.init(null, trustManagerArr2, null);
            this.f6086a = sSLContext2.getSocketFactory();
        }
        TrustManager[] trustManagerArr22 = {new z2.k(2, this)};
        try {
            SSLContext sSLContext22 = SSLContext.getInstance("TLS");
            sSLContext22.init(null, trustManagerArr22, null);
            this.f6086a = sSLContext22.getSocketFactory();
        } catch (KeyManagementException e6) {
            e = e6;
            sb2 = new StringBuilder("");
            sb2.append(e.getMessage());
            Log.e("SSLAuthCert", sb2.toString());
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e7) {
            e = e7;
            sb2 = new StringBuilder("");
            sb2.append(e.getMessage());
            Log.e("SSLAuthCert", sb2.toString());
            e.printStackTrace();
        }
    }

    public final int a(SSLSocket sSLSocket, String str) {
        Log.i("SSLAuthCert", "get sslSession");
        sSLSocket.startHandshake();
        SSLSession session = sSLSocket.getSession();
        if (!session.isValid()) {
            Log.i("SSLAuthCert", "validation error: failed to perform SSL handshake");
            SSLSession session2 = sSLSocket.getSession();
            if (session2 != null) {
                session2.invalidate();
            }
            sSLSocket.close();
            throw new SSLHandshakeException("failed to perform SSL handshake");
        }
        Log.i("SSLAuthCert", "sslSession PeerPrincipal: " + session.getPeerPrincipal().getName());
        Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
        if (peerCertificates == null || peerCertificates.length == 0) {
            Log.e("SSLAuthCert", "failed to retrieve peer certificates");
            SSLSession session3 = sSLSocket.getSession();
            if (session3 != null) {
                session3.invalidate();
            }
            sSLSocket.close();
            return 73;
        }
        X509Certificate[] x509CertificateArr = (X509Certificate[]) peerCertificates;
        X509Certificate x509Certificate = x509CertificateArr[0];
        if (x509Certificate == null) {
            throw new IllegalArgumentException("certificate for this site is null");
        }
        X500Principal subjectX500Principal = x509Certificate.getSubjectX500Principal();
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        Log.d("SSLAuthCert", "subject " + subjectX500Principal.getName());
        Log.d("SSLAuthCert", "issuer " + issuerX500Principal.getName());
        if (f6085d.verify(str, session)) {
            Log.d("SSLAuthCert", "Domain trusted");
            try {
                this.f6087b.checkServerTrusted(x509CertificateArr, "RSA");
                Log.d("SSLAuthCert", "Server Trusted");
                return 0;
            } catch (CertificateException e4) {
                Log.e("SSLAuthCert", e4.getClass().getName());
                Log.e("SSLAuthCert", "failed to validate the certificate chain, error: " + e4.getMessage());
                if (e4 instanceof CertificateExpiredException) {
                    return 70;
                }
            }
        } else {
            Log.e("SSLAuthCert", "certificate not for this host: " + str);
        }
        return 75;
    }
}
